How do I discover all CVE Records with SADP containers?

[zmanion]

Option 1: Search the entire corpus (cloned repository) for .containers.adp[].x_adpType == supplier?

Option 2: ?

Is this even a necessary capability? The forward lookup is "given this CVE ID, show me any SADP containers."

[zmanion]

For the test environment, the minimum requirement is that there is a list (or ability to generate a list) of CVE IDs that have SADP containers.

1. For reasons, it will probably not be practical for the back end to automatically maintain this list.
2. It is possible for the Secretariat to search the test corpus for Records with SADP containers but this is a manual process.
3. So we're considering requiring participants to maintain their individual lists of CVE IDs for Records the participants have added SADP containers to.
4. One option is to just maintain these lists (and possibly a merged list) in this repository, consumers would use that list to maintain their individual data sets.
5. Another option is to stash the CVE Records (JSON files) themselves in this repository. This could be done by the Secretariat based on the list of CVE IDs, or individual participants could issue PRs to add or update the CVE Records. This option allows a consumer to just clone and pull this repository instead of needing to maintain their own data sets.